To give you the best possible experience, this site uses cookies. Review our Privacy Policy and Terms of Service to learn more. Am înţeles!
Artwork

Business Tech News Reimagining Cyber Cybersecurity Cyber Security News Hacking Technology Cybercrime Tech Cyber Security Hackers Its Information Technology
Content provided by Reimagining Cyber. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Reimagining Cyber or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ro.player.fm/legal.
Player FM - Aplicație Podcast
Treceți offline cu aplicația Player FM !
Get it on App Store Get it on Google Play

Reimagining Cyber - real world perspectives on cybersecurity »
U.S. Disrupts China-Linked Botnet: What's Going On? - Ep 116

13:56
 
Play
În redare
Distribuie
 

MP3Pagina episodului
Manage episode 441689104 series 3361845
Content provided by Reimagining Cyber. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Reimagining Cyber or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ro.player.fm/legal.

In this episode, Rob Aragao talks about a recent joint cybersecurity advisory highlighting People's Republic of China-linked actors compromising routers and IoT devices for botnet operations. The advisory points to over 260,000 IoT devices, impacted by a botnet called Raptor Train.

It’s being alleged that Integrity Technology Group (Integrity Tech) are behind the incident. The report says

“[Integrity Technology Group is a] company based in the PRC with links to the PRC government. Integrity Tech has used China Unicom Beijing Province Network IP addresses to control and manage the botnet described in this advisory. In addition to managing the botnet, these same China Unicom Beijing Province Network IP addresses were used to access other operational infrastructure employed in computer intrusion activities against U.S. victims. FBI has engaged with multiple U.S. victims of these computer intrusions and found activity consistent with the tactics, techniques, and infrastructure associated with the cyber threat group known publicly as Flax Typhoon, RedJuliett, and Ethereal Panda.”

Detected by Lumen’s Black Lotus Labs, the advisory was issued by the FBI, NSA, and Cyber National Mission Force.

Rob explains that the botnet leverages code from the notorious Mirai malware, designed to exploit IoT devices running Linux-based systems, which has been in circulation for nearly a decade. He breaks down the architecture of the botnet, including its three-tier structure, and the role of compromised IoT devices, command-and-control servers, and management layers.

Additionally, the discussion explores China's growing focus on cybersecurity talent recruitment, including the Matrix Cup, a hacking competition co-sponsored by Integrity Technology Group. The episode also offers recommendations for mitigating IoT device vulnerabilities, such as strong password management, patch updates, and network segmentation.

Don't forget to rate, review, and subscribe to stay updated on future episodes!

Follow or subscribe to the show on your preferred podcast platform.
Share the show with others in the cybersecurity world.
Get in touch via reimaginingcyber@gmail.com

  continue reading

116 episoade

#Business #Tech News #Reimagining Cyber #Cybersecurity #Cyber #Security #News #Hacking #Technology #Cybercrime #Tech #Cyber Security #Hackers #Its #Information Technology
Artwork

U.S. Disrupts China-Linked Botnet: What's Going On? - Ep 116

Reimagining Cyber - real world perspectives on cybersecurity

published

Play În redare
iconDistribuie
 
MP3Pagina episodului
Manage episode 441689104 series 3361845
Content provided by Reimagining Cyber. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Reimagining Cyber or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ro.player.fm/legal.

In this episode, Rob Aragao talks about a recent joint cybersecurity advisory highlighting People's Republic of China-linked actors compromising routers and IoT devices for botnet operations. The advisory points to over 260,000 IoT devices, impacted by a botnet called Raptor Train.

It’s being alleged that Integrity Technology Group (Integrity Tech) are behind the incident. The report says

“[Integrity Technology Group is a] company based in the PRC with links to the PRC government. Integrity Tech has used China Unicom Beijing Province Network IP addresses to control and manage the botnet described in this advisory. In addition to managing the botnet, these same China Unicom Beijing Province Network IP addresses were used to access other operational infrastructure employed in computer intrusion activities against U.S. victims. FBI has engaged with multiple U.S. victims of these computer intrusions and found activity consistent with the tactics, techniques, and infrastructure associated with the cyber threat group known publicly as Flax Typhoon, RedJuliett, and Ethereal Panda.”

Detected by Lumen’s Black Lotus Labs, the advisory was issued by the FBI, NSA, and Cyber National Mission Force.

Rob explains that the botnet leverages code from the notorious Mirai malware, designed to exploit IoT devices running Linux-based systems, which has been in circulation for nearly a decade. He breaks down the architecture of the botnet, including its three-tier structure, and the role of compromised IoT devices, command-and-control servers, and management layers.

Additionally, the discussion explores China's growing focus on cybersecurity talent recruitment, including the Matrix Cup, a hacking competition co-sponsored by Integrity Technology Group. The episode also offers recommendations for mitigating IoT device vulnerabilities, such as strong password management, patch updates, and network segmentation.

Don't forget to rate, review, and subscribe to stay updated on future episodes!

Follow or subscribe to the show on your preferred podcast platform.
Share the show with others in the cybersecurity world.
Get in touch via reimaginingcyber@gmail.com

  continue reading

116 episoade

#Business #Tech News #Reimagining Cyber #Cybersecurity #Cyber #Security #News #Hacking #Technology #Cybercrime #Tech #Cyber Security #Hackers #Its #Information Technology

Toate episoadele

×
 
Loading …

Bun venit la Player FM!

Player FM scanează web-ul pentru podcast-uri de înaltă calitate pentru a vă putea bucura acum. Este cea mai bună aplicație pentru podcast și funcționează pe Android, iPhone și pe web. Înscrieți-vă pentru a sincroniza abonamentele pe toate dispozitivele.

 

Ascultă peste 500 de subiecte
Player FM - Aplicație Podcast
Treceți offline cu aplicația Player FM !
Get it on App Store Get it on Google Play

Ghid rapid de referință

Podcast-uri de top
Florin Rosoga Podcast
Morning Glory cu Răzvan Exarhu
Epic Show Podcast
UPGRADE 100 Podcasts
România în direct - Europa FM
Deşteptarea - Europa FM
Pauza de Bine
Pe Bune
Player FM logo
Ajutor/FAQ | Upgrade | Advertise
Arte|Afaceri|Comedie|Economie|Divertisment|Știri|Politică|Religie
Ştiinţă|Fotbal|Sport|Povestiri|Tehnologie|True Crime
Drepturi de autor 2024 | Harta site-ului | Politica de confidenţialitate | Termenii serviciului | | Copyright
Episode being played series thumbnail
icon icon
Viteză
Setările seriei
1x
1x
Volume
100%
icon
icon icon
/

Vizualizați Player FM în ...
Player FM
Browser
Chrome
Safari
Firefox